Hi.
I was here before when my system got a bad case of something and you very kindly helped me out.
I have another problem(s). My system is starting to really struggle sometimes and just yesterday stopped dead in its tracks midway through typing an e-mail. I opened in safe mode but being a dummy, I didn't know what to do. I tried a restore point from a few days / weeks ago but no joy at all. BUT I did discover that MalwareBytes was part of the problem. After rebooting and waiting about 40 minutes for it to crawl to life, MalwareBytes 'had to close - send error message etc'. I then uninstalled it and things are running again but with this inherent lag all over the place.
I don't want to waste your valuable time but on looking at the logs from "Farbar", does this suggest a nasty surprise anywhere in here?
Thanks so much for your time so far.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-08-2015 01
Ran by graeme mackenzie (administrator) on STUDIO2PC (06-08-2015 13:13:45)
Running from C:\Documents and Settings\graeme mackenzie\Desktop
Loaded Profiles: graeme mackenzie (Available Profiles: graeme mackenzie & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple, Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(RealNetworks, Inc.) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Dropbox, Inc.) C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [198160 2009-09-22] (RealNetworks, Inc.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [843776 2006-05-01] (Analog Devices, Inc.)
HKLM\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [118784 2006-10-20] (CyberLink Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-22] (AVAST Software)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2007-02-15] (ATI Technologies Inc.)
HKU\S-1-5-21-1174786581-829596878-573906742-1005\...\Run: [VisLM] => [X]
HKU\S-1-5-21-1174786581-829596878-573906742-1005\...\Run: [Dropbox Update] => C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-1174786581-829596878-573906742-1005\...\Policies\Explorer: [NoDriveAutoRun] 0xFFFFFFFF
Startup: C:\Documents and Settings\graeme mackenzie\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-24]
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\graeme mackenzie\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\graeme mackenzie\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\graeme mackenzie\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\graeme mackenzie\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\graeme mackenzie\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\graeme mackenzie\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\graeme mackenzie\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\graeme mackenzie\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\graeme mackenzie\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-22] (AVAST Software)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /syncC:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1174786581-829596878-573906742-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1174786581-829596878-573906742-1005\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/...ahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1174786581-829596878-573906742-1005 -> DefaultScope {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://search.avg.com/?d=4dc7b388&I=23&tp=chrome&q={searchTerms}&lng={language}&nt=1
SearchScopes: HKU\S-1-5-21-1174786581-829596878-573906742-1005 -> {7B3ECE68-8603-424A-8B2A-C273FBB0CA24} URL = http://www.mysearchresults.com/search?c=4005&t=14&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1174786581-829596878-573906742-1005 -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://search.avg.com/?d=4dc7b388&I=23&tp=chrome&q={searchTerms}&lng={language}&nt=1
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04] (Adobe Systems Incorporated)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-22] (AVAST Software)
Toolbar: HKU\S-1-5-21-1174786581-829596878-573906742-1005 -> No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File []
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File []
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File []
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File []
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File []
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File []
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File []
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [147456 2007-07-24] (Apple Inc.)
Winsock: Catalog5 05 C:\WINDOWS\system32\lspkjy.dll File not found
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{6A0B4399-5D73-4D65-9807-38A5F4CB8F22}: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Documents and Settings\graeme mackenzie\Application Data\Mozilla\Firefox\Profiles\261tkiq9.default-1423654092046
FF Homepage: https://www.google.co.uk/webhp?tab=ww&ei=LT_bVM6dCcH5aOKCgZAK&ved=0CAMQ1S4
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-31] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2011-02-02] (Adobe Systems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2009-09-22] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.448 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2009-09-22] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1174786581-829596878-573906742-1005: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32asw.dll [2004-07-02] (Macromedia, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010-11-12] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2009-09-22] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-09-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-09-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-09-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-09-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-09-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2009-09-22] (RealNetworks, Inc.)
FF Extension: Video DownloadHelper - C:\Documents and Settings\graeme mackenzie\Application Data\Mozilla\Firefox\Profiles\261tkiq9.default-1423654092046\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-16]
FF Extension: Adblock Plus - C:\Documents and Settings\graeme mackenzie\Application Data\Mozilla\Firefox\Profiles\261tkiq9.default-1423654092046\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-11]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-06-07]
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG10\Firefox4
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-08-15]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-12-20]
Chrome:
=======
CHR Profile: C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-14]
CHR Extension: (Google Wallet) - C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-14]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [110592 2008-02-18] (Apple, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-22] (AVAST Software)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2007-07-24] (Apple Inc.) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-11-12] (Sun Microsystems, Inc.)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-07-22] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-07-22] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-07-22] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-07-22] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788784 2015-07-22] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433264 2015-07-22] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [161472 2015-07-22] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-07-22] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-07-22] (AVAST Software)
R0 atiide; C:\WINDOWS\System32\DRIVERS\atiide.sys [3456 2006-09-14] (ATI Technologies Inc.)
R3 SenFiltService; C:\WINDOWS\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura)
S3 tbhsd; C:\WINDOWS\System32\drivers\tbhsd.sys [37664 2009-01-23] (RapidSolution Software AG)
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-06 13:13 - 2015-08-06 13:14 - 00016207 _____ C:\Documents and Settings\graeme mackenzie\Desktop\FRST.txt
2015-08-06 13:13 - 2015-08-06 13:13 - 00000000 ____D C:\FRST
2015-08-06 13:11 - 2015-08-06 12:37 - 01673728 _____ (Farbar) C:\Documents and Settings\graeme mackenzie\Desktop\FRST.exe
2015-08-06 12:03 - 2015-07-22 10:59 - 00313472 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-06 10:53 - 2015-08-06 11:05 - 00000000 __SHD C:\WINDOWS\CSC
2015-07-22 11:02 - 2015-07-22 11:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2015-07-22 11:02 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2015-07-22 11:00 - 2015-08-06 12:30 - 00167927 _____ C:\WINDOWS\Wdf01009Inst.log
2015-07-22 11:00 - 2015-07-22 10:59 - 00161472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2015-07-22 10:59 - 2015-07-22 10:59 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-07-14 12:13 - 2015-08-06 12:36 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2015-07-08 13:39 - 2015-08-06 12:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-06 13:14 - 2011-08-17 17:05 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\Local Settings\temp
2015-08-06 13:08 - 2010-02-26 14:19 - 00000000 ___RD C:\Documents and Settings\graeme mackenzie\My Documents\My Dropbox
2015-08-06 13:06 - 2014-06-23 10:53 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-08-06 13:06 - 2004-08-11 17:20 - 00032536 _____ C:\WINDOWS\SchedLgU.Txt
2015-08-06 13:05 - 2015-06-18 10:57 - 00001032 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1174786581-829596878-573906742-1005UA.job
2015-08-06 13:02 - 2010-02-26 14:17 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\Application Data\Dropbox
2015-08-06 13:01 - 2004-08-11 17:13 - 01684877 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-06 13:00 - 2015-03-18 13:48 - 00000902 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-06 13:00 - 2014-03-20 14:35 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-08-06 13:00 - 2014-03-20 14:35 - 00000048 _____ C:\WINDOWS\wiaservc.log
2015-08-06 13:00 - 2008-01-24 12:19 - 00000000 ____D C:\MDT
2015-08-06 13:00 - 2004-08-11 17:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-08-06 12:59 - 2004-08-11 17:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-06 12:58 - 2007-09-26 10:51 - 00000178 ___SH C:\Documents and Settings\graeme mackenzie\ntuser.ini
2015-08-06 12:37 - 2015-03-18 13:48 - 00000906 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-06 12:31 - 2014-11-17 16:01 - 00001689 _____ C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
2015-08-06 12:27 - 2014-03-11 15:06 - 00410003 _____ C:\WINDOWS\setupapi.log
2015-08-06 11:29 - 2014-01-14 12:22 - 00000504 _____ C:\WINDOWS\Tasks\DTReg.job
2015-08-06 11:11 - 2008-04-04 09:59 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-08-06 11:11 - 2007-09-26 16:27 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Adobe
2015-08-06 11:10 - 2012-12-04 15:12 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\Application Data\uTorrent
2015-08-05 16:03 - 2004-08-11 17:20 - 00000000 ____D C:\Documents and Settings\Administrator
2015-08-05 16:02 - 2007-09-26 10:51 - 00000000 ____D C:\Documents and Settings\graeme mackenzie
2015-08-05 16:02 - 2004-08-11 17:20 - 00000000 __SHD C:\Documents and Settings\NetworkService
2015-08-05 16:02 - 2004-08-11 17:20 - 00000000 __SHD C:\Documents and Settings\LocalService
2015-08-05 16:01 - 2004-08-11 17:11 - 00000000 ____D C:\WINDOWS\Registration
2015-08-05 12:34 - 2012-04-11 10:50 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\Desktop\waveroni
2015-08-05 12:20 - 2007-09-28 12:15 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\My Documents\scripts
2015-08-05 12:17 - 2011-08-05 12:39 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\My Documents\Graeme Docs
2015-08-05 11:02 - 2015-06-18 10:57 - 00000980 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1174786581-829596878-573906742-1005Core.job
2015-08-04 15:35 - 2015-04-23 16:11 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\Application Data\NUGEN LMCorrect2
2015-08-04 14:58 - 2015-03-30 16:44 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\Application Data\NUGEN Audio
2015-07-31 11:41 - 2007-09-26 16:28 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\Adobe
2015-07-31 11:40 - 2012-08-07 10:53 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-31 11:40 - 2011-08-03 12:37 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-07-31 11:34 - 2011-08-26 16:33 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
2015-07-31 11:34 - 2011-08-26 16:33 - 00001734 _____ C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
2015-07-28 16:46 - 2008-04-25 10:55 - 00143872 _____ C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-27 12:35 - 2014-03-12 17:50 - 00005239 _____ C:\WINDOWS\wmsetup.log
2015-07-23 09:38 - 2011-08-11 13:29 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2015-07-22 11:03 - 2014-03-07 13:31 - 00013864 _____ C:\WINDOWS\FaxSetup.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00013272 _____ C:\WINDOWS\iis6.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00008692 _____ C:\WINDOWS\ocgen.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00007412 _____ C:\WINDOWS\tsoc.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00004584 _____ C:\WINDOWS\comsetup.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00003686 _____ C:\WINDOWS\msmqinst.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00003072 _____ C:\WINDOWS\ntdtcsetup.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00002675 _____ C:\WINDOWS\netfxocm.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00001374 _____ C:\WINDOWS\imsins.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00001144 _____ C:\WINDOWS\MedCtrOC.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00000811 _____ C:\WINDOWS\ocmsn.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00000776 _____ C:\WINDOWS\msgsocm.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00000622 _____ C:\WINDOWS\tabletoc.log
2015-07-22 10:59 - 2014-06-23 10:56 - 00024016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-07-22 10:59 - 2014-06-23 10:53 - 00208664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-07-22 10:59 - 2014-06-23 10:53 - 00076000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-07-22 10:59 - 2014-06-23 10:53 - 00049776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-07-22 10:59 - 2011-08-15 16:47 - 00788784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-07-22 10:59 - 2011-08-15 16:47 - 00433264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-07-22 10:59 - 2011-08-15 16:47 - 00057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-07-22 10:59 - 2011-08-15 16:47 - 00055200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-07-14 14:51 - 2013-11-18 15:47 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\My Documents\DeVine media files
2015-07-10 11:15 - 2012-05-03 10:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-09 16:53 - 2015-04-30 16:53 - 00016176 _____ C:\Documents and Settings\graeme mackenzie\My Documents\NOVA.001.odt
==================== Files in the root of some directories =======
2011-10-19 12:36 - 2008-08-10 13:09 - 1083904 ____N (Squared 5) C:\Program Files\MPEG_Streamclip.exe
2014-08-13 09:43 - 2014-08-13 09:43 - 123329022 _____ () C:\Program Files\openoffice1.cab
2014-08-13 09:41 - 2014-08-13 09:41 - 2310144 _____ () C:\Program Files\openoffice411.msi
2014-08-13 09:41 - 2014-08-13 09:41 - 0478720 _____ () C:\Program Files\setup.exe
2014-08-13 09:41 - 2014-08-13 09:41 - 0000279 _____ () C:\Program Files\setup.ini
2007-10-24 13:25 - 2007-10-24 13:26 - 0240484 _____ () C:\Documents and Settings\graeme mackenzie\Application Data\speech.wav
2007-10-24 11:43 - 2013-02-19 14:08 - 0001028 _____ () C:\Documents and Settings\graeme mackenzie\Application Data\WavCodec.wff
2011-07-27 15:24 - 2011-08-15 11:02 - 0004011 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\bbuhcrlk.log
2012-05-03 12:12 - 2012-05-03 12:12 - 0000532 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\datos.txt
2008-04-25 10:55 - 2015-07-28 16:46 - 0143872 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-09-26 10:51 - 2007-09-26 10:55 - 0000139 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\fusioncache.dat
2011-07-27 15:25 - 2011-08-15 11:02 - 0000937 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\ihbntogg.log
2011-07-27 15:25 - 2011-08-15 11:02 - 0219783 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\karkgnkj.log
2011-07-27 15:25 - 2011-08-15 11:02 - 0003162 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\ookalwhh.log
2011-07-27 15:26 - 2011-08-15 17:10 - 0000666 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\tgmflvsf.log
2011-07-27 15:24 - 2011-08-15 17:10 - 0000024 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\vrajayup.log
2011-07-27 15:24 - 2011-08-08 12:39 - 0289168 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\wihwvvcp.log
2011-07-27 15:29 - 2011-08-15 17:04 - 0632657 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\xfwptdfg.log
Some files in TEMP:
====================
C:\Documents and Settings\graeme mackenzie\Local Settings\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgz2cd8.dll
C:\Documents and Settings\graeme mackenzie\Local Settings\temp\GUR2BF.exe
C:\Documents and Settings\graeme mackenzie\Local Settings\temp\GUR4.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of log ============================
next log in next post
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-22] (AVAST Software)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /syncC:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1174786581-829596878-573906742-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1174786581-829596878-573906742-1005\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/...ahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1174786581-829596878-573906742-1005 -> DefaultScope {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://search.avg.com/?d=4dc7b388&I=23&tp=chrome&q={searchTerms}&lng={language}&nt=1
SearchScopes: HKU\S-1-5-21-1174786581-829596878-573906742-1005 -> {7B3ECE68-8603-424A-8B2A-C273FBB0CA24} URL = http://www.mysearchresults.com/search?c=4005&t=14&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1174786581-829596878-573906742-1005 -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://search.avg.com/?d=4dc7b388&I=23&tp=chrome&q={searchTerms}&lng={language}&nt=1
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04] (Adobe Systems Incorporated)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-22] (AVAST Software)
Toolbar: HKU\S-1-5-21-1174786581-829596878-573906742-1005 -> No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File []
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File []
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File []
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File []
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File []
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File []
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File []
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [147456 2007-07-24] (Apple Inc.)
Winsock: Catalog5 05 C:\WINDOWS\system32\lspkjy.dll File not found
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{6A0B4399-5D73-4D65-9807-38A5F4CB8F22}: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Documents and Settings\graeme mackenzie\Application Data\Mozilla\Firefox\Profiles\261tkiq9.default-1423654092046
FF Homepage: https://www.google.co.uk/webhp?tab=ww&ei=LT_bVM6dCcH5aOKCgZAK&ved=0CAMQ1S4
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-31] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2011-02-02] (Adobe Systems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2009-09-22] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.448 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2009-09-22] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1174786581-829596878-573906742-1005: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32asw.dll [2004-07-02] (Macromedia, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010-11-12] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2009-09-22] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-09-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-09-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-09-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-09-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-09-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2009-09-22] (RealNetworks, Inc.)
FF Extension: Video DownloadHelper - C:\Documents and Settings\graeme mackenzie\Application Data\Mozilla\Firefox\Profiles\261tkiq9.default-1423654092046\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-16]
FF Extension: Adblock Plus - C:\Documents and Settings\graeme mackenzie\Application Data\Mozilla\Firefox\Profiles\261tkiq9.default-1423654092046\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-11]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-06-07]
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG10\Firefox4
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-08-15]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-12-20]
Chrome:
=======
CHR Profile: C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-14]
CHR Extension: (Google Wallet) - C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-14]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [110592 2008-02-18] (Apple, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-22] (AVAST Software)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2007-07-24] (Apple Inc.) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-11-12] (Sun Microsystems, Inc.)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-07-22] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-07-22] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-07-22] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-07-22] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788784 2015-07-22] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433264 2015-07-22] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [161472 2015-07-22] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-07-22] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-07-22] (AVAST Software)
R0 atiide; C:\WINDOWS\System32\DRIVERS\atiide.sys [3456 2006-09-14] (ATI Technologies Inc.)
R3 SenFiltService; C:\WINDOWS\System32\drivers\Senfilt.sys [392960 2006-03-17] (Sensaura)
S3 tbhsd; C:\WINDOWS\System32\drivers\tbhsd.sys [37664 2009-01-23] (RapidSolution Software AG)
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-06 13:13 - 2015-08-06 13:14 - 00016207 _____ C:\Documents and Settings\graeme mackenzie\Desktop\FRST.txt
2015-08-06 13:13 - 2015-08-06 13:13 - 00000000 ____D C:\FRST
2015-08-06 13:11 - 2015-08-06 12:37 - 01673728 _____ (Farbar) C:\Documents and Settings\graeme mackenzie\Desktop\FRST.exe
2015-08-06 12:03 - 2015-07-22 10:59 - 00313472 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-06 10:53 - 2015-08-06 11:05 - 00000000 __SHD C:\WINDOWS\CSC
2015-07-22 11:02 - 2015-07-22 11:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2015-07-22 11:02 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2015-07-22 11:00 - 2015-08-06 12:30 - 00167927 _____ C:\WINDOWS\Wdf01009Inst.log
2015-07-22 11:00 - 2015-07-22 10:59 - 00161472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2015-07-22 10:59 - 2015-07-22 10:59 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-07-14 12:13 - 2015-08-06 12:36 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2015-07-08 13:39 - 2015-08-06 12:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-06 13:14 - 2011-08-17 17:05 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\Local Settings\temp
2015-08-06 13:08 - 2010-02-26 14:19 - 00000000 ___RD C:\Documents and Settings\graeme mackenzie\My Documents\My Dropbox
2015-08-06 13:06 - 2014-06-23 10:53 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-08-06 13:06 - 2004-08-11 17:20 - 00032536 _____ C:\WINDOWS\SchedLgU.Txt
2015-08-06 13:05 - 2015-06-18 10:57 - 00001032 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1174786581-829596878-573906742-1005UA.job
2015-08-06 13:02 - 2010-02-26 14:17 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\Application Data\Dropbox
2015-08-06 13:01 - 2004-08-11 17:13 - 01684877 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-06 13:00 - 2015-03-18 13:48 - 00000902 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-06 13:00 - 2014-03-20 14:35 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-08-06 13:00 - 2014-03-20 14:35 - 00000048 _____ C:\WINDOWS\wiaservc.log
2015-08-06 13:00 - 2008-01-24 12:19 - 00000000 ____D C:\MDT
2015-08-06 13:00 - 2004-08-11 17:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-08-06 12:59 - 2004-08-11 17:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-06 12:58 - 2007-09-26 10:51 - 00000178 ___SH C:\Documents and Settings\graeme mackenzie\ntuser.ini
2015-08-06 12:37 - 2015-03-18 13:48 - 00000906 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-06 12:31 - 2014-11-17 16:01 - 00001689 _____ C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
2015-08-06 12:27 - 2014-03-11 15:06 - 00410003 _____ C:\WINDOWS\setupapi.log
2015-08-06 11:29 - 2014-01-14 12:22 - 00000504 _____ C:\WINDOWS\Tasks\DTReg.job
2015-08-06 11:11 - 2008-04-04 09:59 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-08-06 11:11 - 2007-09-26 16:27 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Adobe
2015-08-06 11:10 - 2012-12-04 15:12 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\Application Data\uTorrent
2015-08-05 16:03 - 2004-08-11 17:20 - 00000000 ____D C:\Documents and Settings\Administrator
2015-08-05 16:02 - 2007-09-26 10:51 - 00000000 ____D C:\Documents and Settings\graeme mackenzie
2015-08-05 16:02 - 2004-08-11 17:20 - 00000000 __SHD C:\Documents and Settings\NetworkService
2015-08-05 16:02 - 2004-08-11 17:20 - 00000000 __SHD C:\Documents and Settings\LocalService
2015-08-05 16:01 - 2004-08-11 17:11 - 00000000 ____D C:\WINDOWS\Registration
2015-08-05 12:34 - 2012-04-11 10:50 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\Desktop\waveroni
2015-08-05 12:20 - 2007-09-28 12:15 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\My Documents\scripts
2015-08-05 12:17 - 2011-08-05 12:39 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\My Documents\Graeme Docs
2015-08-05 11:02 - 2015-06-18 10:57 - 00000980 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1174786581-829596878-573906742-1005Core.job
2015-08-04 15:35 - 2015-04-23 16:11 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\Application Data\NUGEN LMCorrect2
2015-08-04 14:58 - 2015-03-30 16:44 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\Application Data\NUGEN Audio
2015-07-31 11:41 - 2007-09-26 16:28 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\Adobe
2015-07-31 11:40 - 2012-08-07 10:53 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-07-31 11:40 - 2011-08-03 12:37 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-07-31 11:34 - 2011-08-26 16:33 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
2015-07-31 11:34 - 2011-08-26 16:33 - 00001734 _____ C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
2015-07-28 16:46 - 2008-04-25 10:55 - 00143872 _____ C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-27 12:35 - 2014-03-12 17:50 - 00005239 _____ C:\WINDOWS\wmsetup.log
2015-07-23 09:38 - 2011-08-11 13:29 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2015-07-22 11:03 - 2014-03-07 13:31 - 00013864 _____ C:\WINDOWS\FaxSetup.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00013272 _____ C:\WINDOWS\iis6.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00008692 _____ C:\WINDOWS\ocgen.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00007412 _____ C:\WINDOWS\tsoc.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00004584 _____ C:\WINDOWS\comsetup.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00003686 _____ C:\WINDOWS\msmqinst.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00003072 _____ C:\WINDOWS\ntdtcsetup.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00002675 _____ C:\WINDOWS\netfxocm.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00001374 _____ C:\WINDOWS\imsins.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00001144 _____ C:\WINDOWS\MedCtrOC.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00000811 _____ C:\WINDOWS\ocmsn.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00000776 _____ C:\WINDOWS\msgsocm.log
2015-07-22 11:03 - 2014-03-07 13:31 - 00000622 _____ C:\WINDOWS\tabletoc.log
2015-07-22 10:59 - 2014-06-23 10:56 - 00024016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-07-22 10:59 - 2014-06-23 10:53 - 00208664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-07-22 10:59 - 2014-06-23 10:53 - 00076000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-07-22 10:59 - 2014-06-23 10:53 - 00049776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-07-22 10:59 - 2011-08-15 16:47 - 00788784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-07-22 10:59 - 2011-08-15 16:47 - 00433264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-07-22 10:59 - 2011-08-15 16:47 - 00057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-07-22 10:59 - 2011-08-15 16:47 - 00055200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-07-14 14:51 - 2013-11-18 15:47 - 00000000 ____D C:\Documents and Settings\graeme mackenzie\My Documents\DeVine media files
2015-07-10 11:15 - 2012-05-03 10:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-09 16:53 - 2015-04-30 16:53 - 00016176 _____ C:\Documents and Settings\graeme mackenzie\My Documents\NOVA.001.odt
==================== Files in the root of some directories =======
2011-10-19 12:36 - 2008-08-10 13:09 - 1083904 ____N (Squared 5) C:\Program Files\MPEG_Streamclip.exe
2014-08-13 09:43 - 2014-08-13 09:43 - 123329022 _____ () C:\Program Files\openoffice1.cab
2014-08-13 09:41 - 2014-08-13 09:41 - 2310144 _____ () C:\Program Files\openoffice411.msi
2014-08-13 09:41 - 2014-08-13 09:41 - 0478720 _____ () C:\Program Files\setup.exe
2014-08-13 09:41 - 2014-08-13 09:41 - 0000279 _____ () C:\Program Files\setup.ini
2007-10-24 13:25 - 2007-10-24 13:26 - 0240484 _____ () C:\Documents and Settings\graeme mackenzie\Application Data\speech.wav
2007-10-24 11:43 - 2013-02-19 14:08 - 0001028 _____ () C:\Documents and Settings\graeme mackenzie\Application Data\WavCodec.wff
2011-07-27 15:24 - 2011-08-15 11:02 - 0004011 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\bbuhcrlk.log
2012-05-03 12:12 - 2012-05-03 12:12 - 0000532 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\datos.txt
2008-04-25 10:55 - 2015-07-28 16:46 - 0143872 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-09-26 10:51 - 2007-09-26 10:55 - 0000139 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\fusioncache.dat
2011-07-27 15:25 - 2011-08-15 11:02 - 0000937 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\ihbntogg.log
2011-07-27 15:25 - 2011-08-15 11:02 - 0219783 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\karkgnkj.log
2011-07-27 15:25 - 2011-08-15 11:02 - 0003162 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\ookalwhh.log
2011-07-27 15:26 - 2011-08-15 17:10 - 0000666 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\tgmflvsf.log
2011-07-27 15:24 - 2011-08-15 17:10 - 0000024 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\vrajayup.log
2011-07-27 15:24 - 2011-08-08 12:39 - 0289168 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\wihwvvcp.log
2011-07-27 15:29 - 2011-08-15 17:04 - 0632657 _____ () C:\Documents and Settings\graeme mackenzie\Local Settings\Application Data\xfwptdfg.log
Some files in TEMP:
====================
C:\Documents and Settings\graeme mackenzie\Local Settings\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgz2cd8.dll
C:\Documents and Settings\graeme mackenzie\Local Settings\temp\GUR2BF.exe
C:\Documents and Settings\graeme mackenzie\Local Settings\temp\GUR4.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of log ============================
Next log in next post.